runtipi/apps/rego-tunnel-linux/source/Dockerfile

FROM ubuntu:24.04
ENV DEBIAN_FRONTEND=noninteractive
ENV container=docker

# Install systemd and required packages
RUN apt-get update && apt-get install -y \
    systemd systemd-sysv dbus dbus-x11 \
    iproute2 iptables ca-certificates kmod \
    curl wget openssh-client \
    x11vnc xvfb fluxbox novnc websockify xterm nano oathtool \
    xauth libnss3 libatk1.0-0 libatk-bridge2.0-0 \
    libx11-6 libx11-xcb1 libxcomposite1 libxrandr2 libgbm1 libxdamage1 \
    libpango-1.0-0 fonts-liberation \
    libegl1 libgl1 libopengl0 libdbus-1-3 libglib2.0-0 \
    libxkbcommon0 libxkbcommon-x11-0 \
    libxcb1 libxcb-cursor0 libxcb-icccm4 libxcb-image0 libxcb-keysyms1 libxcb-render0 libxcb-render-util0 libxcb-shm0 libxcb-xfixes0 libxcb-xinerama0 libxcb-randr0 libxcb-glx0 \
    xdotool xclip \
    libwebkit2gtk-4.1-0 libgtk-3-0 libxml2 libxss1 libcairo2 libgdk-pixbuf2.0-0 \
    sudo && rm -rf /var/lib/apt/lists/*

RUN apt-get update && (apt-get install -y libasound2t64 || apt-get install -y libasound2) && rm -rf /var/lib/apt/lists/*

# Configure systemd - remove unnecessary units
RUN cd /lib/systemd/system/sysinit.target.wants/ && \
    ls | grep -v systemd-tmpfiles-setup | xargs rm -f && \
    rm -f /lib/systemd/system/multi-user.target.wants/* && \
    rm -f /etc/systemd/system/*.wants/* && \
    rm -f /lib/systemd/system/local-fs.target.wants/* && \
    rm -f /lib/systemd/system/sockets.target.wants/*udev* && \
    rm -f /lib/systemd/system/sockets.target.wants/*initctl* && \
    rm -f /lib/systemd/system/basic.target.wants/* && \
    rm -f /lib/systemd/system/anaconda.target.wants/* && \
    rm -f /lib/systemd/system/plymouth* && \
    rm -f /lib/systemd/system/systemd-update-utmp*

# Pre-create directories needed by Cisco installer
RUN mkdir -p /usr/share/desktop-directories

# Install Cisco Secure Client 5.1.14.145
COPY cisco-secure-client-linux64-5.1.14.145-core-vpn-webdeploy-k9.sh /tmp/cisco-install.sh
RUN chmod +x /tmp/cisco-install.sh && \
    /tmp/cisco-install.sh && \
    rm /tmp/cisco-install.sh && \
    echo "/opt/cisco/secureclient/lib" > /etc/ld.so.conf.d/cisco.conf && \
    ldconfig

# Copy user data (hostscan, etc)
COPY cisco-userdata.tar.gz /tmp/
RUN tar -xzf /tmp/cisco-userdata.tar.gz -C /root && \
    rm /tmp/cisco-userdata.tar.gz

COPY vpn-sso.sh /root/vpn-sso.sh
RUN chmod +x /root/vpn-sso.sh

# Copy AnyConnect preferences
COPY .anyconnect_global /opt/cisco/secureclient/vpn/.anyconnect_global

COPY entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh

VOLUME [ "/sys/fs/cgroup" ]
EXPOSE 8806
ENTRYPOINT ["/entrypoint.sh"]